WordPress Plugin Vulnerabilities

Easy Digital Downloads < 3.1.1.4.2 - Unauthenticated Privilege Escalation

Description

The plugin does not have authorisation and CSRF in its AJAX action, allowing unauthenticated users to call it, one in particular could allow them to reset any account's password by knowing the username

Affects Plugins

Plugin icon
easy-digital-downloads
Fixed in 3.1.1.4.2

References

CVE
CVE-2023-30869

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Tien Nguyen Anh
Verified
No
WPVDB ID
1fa35321-fc1f-4770-b03c-06ad871dd18f

Timeline

Publicly Published
2023-05-02 (about 1 years ago)
Added
2023-05-02 (about 1 years ago)
Last Updated
2023-05-02 (about 1 years ago)

Other

Published
Title
Published
2021-02-24
Title
Woocommerce Customers Manager < 26.5 - Arbitrary Account Creation/Update by Low Privilege Users
Published
2021-06-28
Title
ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation
Published
2023-04-05
Title
WCFM Membership < 2.10.1 - Unauthenticated Privilege Escalation
Published
2021-01-12
Title
Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Privilege Escalation
Published
2024-02-21
Title
Academy LMS – eLearning and online course solution for WordPress < 1.9.20 - Authenticated (Subscriber+) Privilege Escalation